<?php
require_once("./session.php");
require_once("../include/global.php");

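// Category administration page. Without an "action" parameter it renders the
// category list plus an "add category" form; otherwise it dispatches on
// $_GET['action'] to delete or save a category and then redirects to the list.
//
// NOTE(review): neither the delete link (a plain GET) nor the save form carries
// an anti-CSRF token in this file. Whether session.php performs any
// request-origin check is not visible here -- confirm, and consider moving
// delete to a token-protected POST.
if (empty($_GET['action']))
{
print <<<HTML
<div id="catelist" style="width:100%; margin:0 auto;padding-bottom:15px;">
  <div class="admin_title" >栏目管理</div>
  <div id="content" style="width:100%; margin-top:10px;">
<table width="540" border="1" cellpadding="0" cellspacing="0" bordercolor="#ffffff">
  <tr style="background:#6784A4">
    <td width="40" height="25" align="center">ID</td>
    <td width="100" align="center">栏目名称</td>
    <td width="150" align="center">栏目注释</td>
	<td width="50" align="center">隐藏栏目</td>
	<td width="30" align="center">顺序</td>
    <td colspan="2" align="center">操作</td>
    </tr>
HTML;

    $sql = "SELECT * FROM blog_category order by cate_Order ";
    $result = mysql_query($sql);
    if ($result === false)
    {
        // Keep driver error text (table/column names, query fragments) out of
        // the response; record it server-side instead.
        error_log('category admin: list query failed: ' . mysql_error());
        die('Database error.');
    }

    while ($rs = mysql_fetch_object($result))
    {
        // cate_ID is emitted into unquoted attributes and a URL, so force it
        // to an integer before printing.
        $cateId = intval($rs->cate_ID);

        // NOTE(review): cate_Name / cate_Intro are printed exactly as stored.
        // The save branch below HTML-encodes them before writing, so a row
        // written by any other path would reach this page unencoded -- TODO
        // confirm no such path exists.
        // NOTE(review): $phpself is not defined in this file (presumably set by
        // an include); verify it is not built from request data without encoding.
print <<<HTML
  <tr>
    <form name=$cateId id=$cateId method="post" action="./main.php?do=category&action=save">
    <td height="20" align="center">$cateId<input name="cate_ID" type="hidden" value="$cateId" /></td>
    <td align="center"><input name="cate_Name" type="text" value="$rs->cate_Name" /></td>
    <td align="center"><input name="cate_Intro" type="text" value="$rs->cate_Intro" /></td>
	<td align="center"><input name="cate_Secret" type="text" value="$rs->cate_Secret" size=4/></td>
	<td align="center"><input name="cate_Order" type="text" value="$rs->cate_Order" size=4 maxlength=4 /></td>
    <td width="30" align="center">
	<button type=submit style="border:0px;"><img src="./images/icon_save.gif" alt="保存修改" width="16" height="16" /></button></td>
    <td width="30" align="center">
	<a href="$phpself?do=category&action=delete&cateID=$cateId" ><img src="./images/icon_del.gif" alt="删除" width="16" height="16" /></a></td>
	</form>
  </tr>
HTML;
    }

print <<<HTML
  <tr style="background:#6784A4">
    <td height="25" align="left" colspan="7">&nbsp;&nbsp;添加栏目</td>
  </tr>
  <tr>
    <form name="addcate" id="addcate" method="post" action="./main.php?do=category&action=save">
    <td height="20" align="center"><input name="cate_ID" type="hidden" value="0" />0</td>
    <td align="center"><input name="cate_Name" type="text" value="" /></td>
    <td align="center"><input name="cate_Intro" type="text" value="" /></td>
	<td align="center"><input name="cate_Secret" type="text" value="" size=4/></td>
	<td align="center"><input name="cate_Order" type="text" value="" size=4 maxlength=4 /></td>
	<td colspan="2" align="center">
	<button type=submit style="border:0px;"><img src="./images/icon_save.gif" alt="保存栏目" width="16" height="16" /></button></td>
	</form>
  </tr>
</table>
<p></p>
  </div>
</div>
HTML;
}
else
{
    switch ($_GET['action'])
    {
        case "delete" :
            // Accept only a plain run of ASCII digits. is_numeric() also lets
            // through forms such as "1e3", "-1", ".5" or " 7", none of which is
            // a category id; the value is handed on as an integer.
            $rawId = isset($_GET['cateID']) ? $_GET['cateID'] : '';
            if (is_string($rawId) && preg_match('/\A[0-9]+\z/', $rawId) && intval($rawId) > 0)
            {
                // DelCategory() is defined elsewhere; how it uses the id is not
                // visible from this file.
                DelCategory(intval($rawId));
                echo "<script>location.href='main.php?do=category';</script>";
            }
            break;

        case "save" :
            // Both forms submit with method="post"; refuse to write on any other
            // request method so a bare GET cannot insert an empty category.
            if (!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== 'POST')
            {
                break;
            }

            // Missing or non-string fields fall back to 0 / '' instead of
            // raising notices or passing arrays to the string helpers.
            $rawName  = (isset($_POST['cate_Name']) && is_string($_POST['cate_Name'])) ? $_POST['cate_Name'] : '';
            $rawIntro = (isset($_POST['cate_Intro']) && is_string($_POST['cate_Intro'])) ? $_POST['cate_Intro'] : '';

            $cate_ID     = isset($_POST['cate_ID']) ? intval($_POST['cate_ID']) : 0;
            // NOTE(review): my_addslashes() is defined elsewhere. If it wraps
            // addslashes(), the escaping is not connection-charset aware; prefer
            // the driver's own escaping or prepared statements (mysqli/PDO) when
            // this code moves off the mysql_* API, which PHP 7 removed.
            $cate_Name   = htmlspecialchars(my_addslashes($rawName));
            $cate_Intro  = htmlspecialchars(my_addslashes($rawIntro));
            $cate_Secret = isset($_POST['cate_Secret']) ? intval($_POST['cate_Secret']) : 0;
            $cate_Order  = isset($_POST['cate_Order']) ? intval($_POST['cate_Order']) : 0;

            // An id that matches no existing row (including the 0 sent by the
            // "add" form) is treated as a new category.
            $sql = "SELECT * from blog_category where cate_ID = $cate_ID ";
            $result = mysql_query($sql);
            if ($result === false)
            {
                error_log('category admin: lookup query failed: ' . mysql_error());
                die('Database error.');
            }

            if (!mysql_num_rows($result))
            {
                $sql = "INSERT INTO blog_category(cate_ID,cate_Name,cate_Intro,cate_Secret,cate_Count,cate_Order)VALUES(0,'$cate_Name','$cate_Intro','$cate_Secret','0','$cate_Order')";
            }
            else
            {
                $sql = "UPDATE blog_category SET cate_Name = '$cate_Name',cate_Intro = '$cate_Intro',cate_Secret = '$cate_Secret',
cate_Order = $cate_Order WHERE cate_ID = $cate_ID LIMIT 1 ";
            }

            if (mysql_query($sql) === false)
            {
                error_log('category admin: save query failed: ' . mysql_error());
                die('Database error.');
            }
            echo "<script>location.href='main.php?do=category';</script>";
            break;

        default:
            break;
    }
}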
?>
